Always On VPN Security Updates June 2024

The Microsoft security updates for June 2024 have now been published. Reviewing the list of bulletins shows three security updates of importance to Always On VPN administrators. Two affect the Windows Server Routing and Remote Access (RRAS) service, and one affects the Remote Access Connection Manager (RasMan) service. None of the updates are critical this month, which is good news.

RRAS

The following are the two security updates from this month’s cycle affecting Windows Server RRAS.

CVE-2024-30094 – Windows RRAS Remote Code Execution Vulnerability (Important)

CVE-2024-30095 – Windows RRAS Remote Code Execution Vulnerability (Important)

RasMan

The following security update affects the Remote Access Connection Manager (RasMan) service on Windows Server systems.

CVE-2024-30069 – Windows Remote Access Connection Manager Information Disclosure Vulnerability (Important)

Recommendations

None of the security vulnerabilities disclosed this month are critical and require local access to the system to take advantage of the exploit. However, administrators should update their systems as soon as possible.

Additional Information

Microsoft June 2024 Security Updates